Detections
Analytics

Item Search

NameAudit NamePluginCategory
1.1.9 Set 'aaa accounting network'CIS Cisco IOS XE 16.x v2.2.0 L2Cisco

AUDIT AND ACCOUNTABILITY

2.2 Ensure the Log Config Module Is EnabledCIS Apache HTTP Server 2.2 L2 v3.6.0Unix

AUDIT AND ACCOUNTABILITY

2.2.1 Set 'logging on'CIS Cisco IOS 15 L1 v4.1.1Cisco

AUDIT AND ACCOUNTABILITY

2.2.2 Ensure 'AUDIT_TRAIL' Is Set to 'DB', 'XML', 'OS', 'DB,EXTENDED', or 'XML,EXTENDED'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

2.2.12 Ensure 'SEC_PROTOCOL_ERROR_TRACE_ACTION' Is Set to 'LOG'CIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

2.2.14 Ensure 'SEC_PROTOCOL_ERROR_TRACE_ACTION' Is Set to 'LOG'CIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

3.1.2 Ensure the log destinations are set correctlyCIS PostgreSQL 9.6 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.3 Ensure the logging collector is enabledCIS PostgreSQL 11 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.4 Ensure the log file destination directory is set correctlyCIS PostgreSQL 10 DB v1.0.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.1.4 Ensure the log file destination directory is set correctlyCIS PostgreSQL 9.5 DB v1.1.0PostgreSQLDB

AUDIT AND ACCOUNTABILITY

3.2.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1'CIS Distribution Independent Linux Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

3.2.4 Ensure suspicious packets are logged - sysctl net.ipv4.conf.all.log_martiansCIS Distribution Independent Linux Server L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.all.log_martians' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1 /etc/sysctl.conf /etc/sysctl.d/*'CIS CentOS 6 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians = 1 /sbin/sysctl'CIS CentOS 6 Server L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'net.ipv4.conf.default.log_martians' (sysctl.conf/sysctl.d)CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0Unix

AUDIT AND ACCOUNTABILITY

3.3.4 Ensure suspicious packets are logged - 'sysctl net.ipv4.conf.all.log_martians'CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.1 Ensure auditd is installed - audit-libsCIS CentOS 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure auditd service is enabledCIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure auditd service is enabledCIS Debian Family Server L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.2 Ensure auditd service is enabledCIS Debian Family Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.3 Ensure auditd service is enabledCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.3 Ensure auditd service is enabledCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.3 Ensure auditing for processes that start prior to auditd is enabledCIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.4 Ensure auditing for processes that start prior to auditd is enabledCIS Red Hat 6 Server L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.1.4 Ensure auditing for processes that start prior to auditd is enabledCIS Red Hat 6 Workstation L2 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.2 Ensure auditd service is enabledCIS Debian 9 Workstation L2 v1.0.1Unix

AUDIT AND ACCOUNTABILITY

4.1.3 Ensure auditing for processes that start prior to auditd is enabledCIS Debian 8 Server L2 v2.0.2Unix

AUDIT AND ACCOUNTABILITY

4.1.4 Ensure auditing for processes that start prior to auditd is enabledCIS Distribution Independent Linux Server L2 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

4.1.17 Ensure the audit configuration is immutableCIS Debian Family Workstation L2 v1.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.1 Ensure rsyslog is installedCIS CentOS 6 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.2 Ensure rsyslog Service is enabledCIS CentOS 6 Workstation L1 v3.0.0Unix

AUDIT AND ACCOUNTABILITY

4.2.1.3 Ensure logging is configuredCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.5 Ensure SSH LogLevel is appropriateCIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0Unix

AUDIT AND ACCOUNTABILITY

5.2.5 Ensure SSH LogLevel is appropriateCIS Distribution Independent Linux Workstation L1 v2.0.0Unix

AUDIT AND ACCOUNTABILITY

5.3.3.1.15 Ensure audit is set in /etc/security/faillock.confCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

ACCESS CONTROL

6.1.1 Ensure the 'USER' Audit Option Is EnabledCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.4 Ensure the 'PROFILE' Audit Option Is EnabledCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.7 Ensure the 'PUBLIC SYNONYM' Audit Option Is EnabledCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.11 Ensure the 'GRANT ANY OBJECT PRIVILEGE' Audit Option Is EnabledCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.14 Ensure the 'ALL' Audit Option on 'SYS.AUD$' Is EnabledCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.15 Ensure the 'PROCEDURE' Audit Option Is EnabledCIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.1.16 Ensure the 'ALTER SYSTEM' Audit Option Is EnabledCIS Oracle Server 18c DB Traditional Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.20 Ensure the 'CREATE PROCEDURE/FUNCTION/PACKAGE/PACKAGE BODY' Action Audit Is EnabledCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

AUDIT AND ACCOUNTABILITY

6.2.25 Ensure the 'ALTER TRIGGER' Action Audit IS EnabledCIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

AUDIT AND ACCOUNTABILITY

6.3.3.10 Ensure successful file system mounts are collectedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 ServerUnix

AUDIT AND ACCOUNTABILITY

6.3.3.10 Ensure successful file system mounts are collectedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 WorkstationUnix

AUDIT AND ACCOUNTABILITY

6.3.3.10 Ensure successful file system mounts are collectedCIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIGUnix

AUDIT AND ACCOUNTABILITY

9.2 Configure a Logging File Channel - category dnssecCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

AUDIT AND ACCOUNTABILITY

9.2 Configure a Logging File Channel - category xfer-outCIS BIND DNS v1.0.0 L1 Authoritative Name ServerUnix

AUDIT AND ACCOUNTABILITY